STP Interview Questions and Answers [CCNP]

- March 01, 2017

What is STP & Redundant Links?

Spanning Tree Protocol (STP) is a protocol which prevents layer 2 loops. STP enables switches to
become aware of each other so that they can negotiate a Loop-Free path through network. In practical
Scenario, Redundant links are created to avoid complete network failure in an event of failure of one
link.

How STP works?

STP chooses a Reference point (Root Bridge) in the network and calculates all the redundant paths to
that reference point. Than it picks one path by which to forward frames and blocks other redundant
paths.

What are the different port states?

1. Disabled - A port in the disabled state does not participate in the STP.

2. Blocking - A blocked port does not forward frames. It only listens to BPDUs. The purpose of the
blocking state is to prevent the use of looped paths.

3. Listening - A port in listening state prepares to forward data frames without populating the MAC
address table. The port also sends and listens to BPDUs to make sure no loops occur on the network.

4. Learning - A port in learning state populates the MAC address table but doesn’t forward data
frames. The port still sends and receives BPDUs as before.

5. Forwarding - The port now can send and receive data frames, collect MAC addresses in its address
table, send and receive BPDUs. The port is now a fully functioning switch port within the spanning-
tree topology.

What is the default time a port takes to transition from the blocking state to the forwarding state?

The default time a port takes to transition from the blocking state to the forwarding state is 50
seconds: 20 seconds for Max Age, 15 seconds for listening, and 15 seconds for learning.
What are STP Timers and Explain different types of STP Timers?

STP uses three timers to make sure that a network converges properly before a bridging loop can
form.

1. Hello - The time interval between Configuration BPDUs sent by the root bridge. It is 2 seconds by
default.

2. Forward Delay - The time interval that a switch port spends in both the Listening and Learning
states. The default value is 15 seconds.

3. Max Age - Maximum length of time, a BPDU can be stored without receiving an update. It can also
be define as a time interval that a switch stores a BPDU before discarding it. It is 20 seconds by default.

Explain types of STP Port Roles?

1. Root port - The root port is always the link directly connected to the root bridge, or the shortest
path to the root bridge. It is always on Non-Root Bridge.

2. Designated port - A designated port is one that has been determined as having the best (lowest)
cost. A designated port will be marked as a forwarding port. It can be on both Root Bridge & Non Root
Bridge. All ports of Root Bridge are Designated Port.

3. Forwarding port - A forwarding port forwards frames.

4. Blocked port - A blocked port is the port that is used to prevent loops. It only listens to frames. Any
port other than Root port & Designated port is Block Port.

What is the STP blocking state?

When a switch starts, all ports are in the blocking state to prevent any loop in the network. If there is a
better path to the root bridge, the port remains in the blocked state. Ports in the blocked state cannot
send or receive traffic, but they can receive BPDUs.

What is BPDU?

All the switches exchange information to select Root Bridge as well as for configuration of the
network. This is done through Bridge Protocol Data Unit (BPDU). Each switch compares the
parameters in the BPDU that it sends to one neighbor with the one that it receives from another
neighbor.
How often do Bridges send BPDUs on active ports?

The default time that bridges send BPDUs is 2 seconds.

What does STP do when it detects a topology change in the network due to a bridge or link failure?

If spanning tree detects a change in the network due to a bridge or link failure, it send out
TCN[topology change message] BPDU and at least one bridge interface changes from the blocking
state to the forwarding state, or vice versa.

What is the Max Age timer?

The Max Age timer is how long a bridge stores a BPDU before discarding it. The default time is 20
seconds (ten missed hello intervals).

What is STP forward delay?

The forward delay is the time it takes for a port to move from the listening state to the learning state
or from the learning state to the forwarding state. The default time is 30 seconds.

What is the destination MAC address used by Bridge Protocol Data Units (BPDUs)?

Bridge Protocol Data Units (BPDUs) frames are sent out as at multicast destination MAC address
01:80:c2:00:00:00.

What are Types of BPDU?

Two types of BPDU exist -

1. Configuration BPDU - Used for Spanning-Tree Computation.

2. Topology Change Notification (TCN) BPDU - Used to announce changes in the Network Topology.

How Root bridge is elected?

The Bridge ID is used to elect the root bridge in the STP domain. This ID is 8 bytes long and includes
both the priority and the MAC address of the device. Switch with the lowest Bridge ID is elected as the
Root bridge which means Switch with the lowest priority will become Root Bridge if two or more
switches have same priority than switch with lowest mac address will become Root Bridge.

Explain Root path cost?

Root path cost is the Cumulative Cost of all links to the Root Bridge.

How Root Ports are elected?

Non Root Bridges use Root path cost to determine which port will be the Root port. The port with the
lowest root path cost is elected as the root port and is placed in the forwarding state.

What is the difference between Path cost and Root Path cost?

Path cost is the value assigned to each port. It is added to BPDUs received on that port to calculate the
root path cost. Root path cost is defined as the cumulative cost to reach the root bridge. This value is
calculated by adding the receiving port's path cost to the value contained in the BPDU. In a BPDU,
Root path cost is transmitted not the path cost.

What is Path Cost or Spanning Tree Path Cost value?

The Spanning Tree Cost Value is inversely proportional to the associated bandwidth of the link and
therefore a path with a low cost value is more preferable than a path with high cost value.

Link Bandwidth Cost Value

10 Gbps 2

1 Gbps 4

100 Mbps 19

10 Mbps 100

What is Root Port?

Once the Root Switch is elected, every other Switch in the network must select a single port on itself
to reach the Root Switch. The single selected port on a Switch with least Path Cost to reach the Root
Bridge is called the Root Port. Root Bridge will never have a Root Port.
What is Extended System ID?

The Extended System ID is utilized by spanning-tree to include the VLAN ID information inside 16-bit
STP Bridge Priority value. Extended System ID is the least significant 12-bits in 16-bit STP Bridge
Priority value.

Explain Root Guard ?

Root guard is used to protect root bridge. Root Guard stops a new switch introduced in the network
with a lower bridge ID to become the root bridge. If a port with Root Guard feature enabled receives a
superior BPDU, it moves the port into a root-inconsistent state (equal to a listening state) thus
maintaining the current Root Bridge status. It is enabled on interface level.

switch(config-if)# spanning-tree guard root

What is BPDU Guard ?

When we enable portfast on a port , we do not expect BPDU's on that port. Suppose a switch is
connected by mistake on the port where portfast is enabled, loop can form. An even greater
consequence is that connected switch has potential to become root bridge. The BPDU Guard feature
was developed to protect the integrity of switch ports that have PortFast enabled. If any BPDU
(superior to the current root or not) is received on a port where BPDU Guard is enabled, that port
immediately is put into the error-disable state. The port is shut down in an error condition and must
be either manually re-enabled or automatically recovered through the error-disable timeout function.

BPDU Guard can be enabled on both interface & global level. It is basically enabled on access layer
switches. In this all vlans are effected.

Switch(config)# spanning-tree portfast bpduguard default

Switch(config-if)# spanning-tree bpduguard enable

Explain Sudden Loss of BPDUs?

Suppose switch does not receive BPDUs, it will think that the topology must have changed, so blocked
ports can be unblocked again. What if the absence of BPDUs is actually a mistake and not a topology
change, bridging loops easily can form.
There are two features that help detect or prevent the unexpected loss of BPDUs:-

1. Loop Guard

2. Unidirectional Link Detection (UDLD)

What is Loop Guard?

Loop Guard keeps track of the BPDU activity on non-designated ports. It does not allow non-
designated ports to become designated ports in case of sudden loss of BPDUs. While BPDUs are
received, the port is allowed to behave normally. When BPDUs go missing, Loop Guard moves the port
into the loop-inconsistent state (port is effectively blocking at this point to prevent a loop from
forming and to keep it in the non-designated role). When BPDUs are received on the port again, Loop
Guard allows the port to move through the normal STP states and become active.

It can be enabled on both interface & global level. It affects per vlan basis.

Switch(config)# spanning-tree loopguard default

Switch(config-if)# spanning-tree guard loop

What is BPDU Filter?

STP runs on a switch to prevent loops. However, in special cases when we need to prevent BPDUs from
being sent or processed on one or more switch ports, we can use BPDU filtering to effectively disable
STP on those ports. It prevents port from sending and receiving BPDUs. It can be enabled on both
interface & global level.

Switch(config)# spanning-tree portfast bpdufilter default

Switch(config-if)# spanning-tree bpdufilter { enable | disable }

What is the difference between BPDU Guard and BPDU Filter?

BPDU Guard works aggresively and puts the port in error-disable state while BPDU filter does not shut
the port, it only filters BPDU. BPDU Guard only prevents receiving BPDUs while BPDU filter prevents
both sending and receiving BPDU.
If Both BPDU Guard and BPDU Filter is enabled on a port than only BPDU filter will work.

What is the difference between STP and RSTP?

The main difference between Rapid Spanning Tree Protocol (RSTP IEEE 802.1W) and Spanning Tree
Protocol (STP IEEE 802.1D) is that Rapid Spanning Tree Protocol (RSTP) assumes the three Spanning Tree
Protocol (STP) ports states Listening, Blocking, and Disabled are same (these states do not forward
frames and they do not learn MAC addresses). Hence RSTP places them all into a new called Discarding
state. Learning and forwarding ports remain more or less the same.

In Spanning Tree Protocol (STP IEEE 802.1D), bridges would only send out a BPDU when they received
one on their root port. They only forward BPDUs that are generated by the Root Bridge. Rapid Spanning
Tree Protocol (RSTP IEEE 802.1W) enabled switches send out BPDUs every hello time, containing current
information.

Spanning Tree Protocol (STP IEEE 802.1D) includes two port types; Root Port and Designated Port. Rapid
Spanning Tree Protocol (RSTP IEEE 802.1W) includes two additional port types called as alternate ports
and backup ports. Analternate port is a port that has an alternative path or paths to the root but is
currently in a discarding state (can be considered as an additional unused root port). A backup port is a
port on a network segment that could be used to reach the root switch, but there is already an active
designated port for the segment (can be considered as an additional unused designated port).

what are the Port states of spanning tree protocol ?

Blocking

listening

learning

Forwarding

disabled.
How to enable or disable spanning tree protocol ?

Spanning Tree Protocol (STP) is enabled by default on modern switches. It is possible to disable or enable
theSpanning Tree Protocol (STP) when required.

To enable Spanning Tree Protocol (STP) on an IOS based switch, use the "spanning-tree vlan
vlan_number" command from global configuration mode as shown below.

switch01>

switch01>enable

switch01#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

switch01(config)#spanning-tree vlan 1

switch01(config)#exit

switch01#

To disable Spanning Tree Protocol (STP) on an IOS based switch use "no spanning-tree vlan
vlan_number" commandfrom global configuration mode as shown below.

switch01>enable

switch01#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

switch01(config)#no spanning-tree vlan 1

switch01(config)#exit

switch01#

18.
The root bridge is the bridge with the best bridge id. With STP, the key is for all the switches in the
network to elect a root bridge that becomes the focal point in the network. All other decisions in the
network – such as which port is to be blocked and which port is to be put in forwarding mode – are
made from the perspective of this root bridge.

19.

Define BPDU.

BPDU : All the switches exchange information to use in the selection of the root switch as well as in
subsequent configuration of the network. Each switch compares the parameters in the Bridge protocol
Data Unit that it sends to one neighbor with the one that it receives from another neighbor.

20.

Define Bridge ID.

The bridge ID is how STP keeps track of all the switches in the network. It is determined by a
combination of the bridge priority (by default 32,768) and the base MAC address. The bridge with the
lowest bridge ID becomes the root bridge in the network.

Define Port cost :

Port cost determines the best path when multiple links are used between two switches and none of the
links is a root port. The cost of a link is determined by the bandwidth of a link.

22.

What is Root Port ?

The root port is always the link directly connected to the root bridge, or the shortest path to the root
bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the
bandwidth of each of link. The lowest-cost port becomes the root port. If multiple links have the same
cost, the bridge with the lower advertising bridge ID is used.

23.
What is Designated Port ?

A designated port is one that has been determined as having the best cost. A designated port will be
marked as a forwarding port.

Spanning Tree Protocol Convergence ?

Spanning Tree Protocol (STP) convergence (Layer 2 convergence) happens when bridges and switches
have transitioned to either the forwarding or blocking state. When layer 2 is converged, Root Switch is
elected and Root, Designated and Non-Designated ports in all switches are selected. At Converged
condition, the Root and Designated are in forwarding state, and all other ports are in blocking state.

The time it usually takes to change from blocking to forwarding state is 50 seconds (Blocking to listening
is 20 seconds; Listening to learning is 15 seconds; Learning to forwarding is 15 seconds), when Spanning
Tree Protocol (STP) timers are in their default values. Until the port reaches forwarding state, no user
traffic is forwarded through the port and the end user may feel that there is no network connectivity.

what is non-designated port

A non-designated port is one with a higher cost than the designated port. Non designated ports are put
in blocking mode – they are not forwarding ports.

Explain store and forward :

Store-and-forward switching is one of three primary types of LAN switching. With the store-and-forward
switching method, the LAN switch copies the entire frame onto its onboard buffers and computes the
cyclic redundancy check (CRC). Because it copies the entire frame, latency through the switch varies with
frame length.

The frame is discarded if it contains a CRC error, if it's too short (less than 64 bytes including the CRC), or
if it's too long (more than 1,518 bytes including the CRC). If the frame doesn't contain any errors, the
LAN switch looks up the destination hardware address in its forwarding or switching table and
determines the outgoing interface. It then forwards the frame toward its destination.
What are the states of Hot Standby Routing Protocol (HSRP)?

Initial, Learn, Listen, Speak, Standby and Active